1. Field of the Invention
The present invention relates to a device and method for managing data in accordance with an access right, and so on.
2. Description of the Related Art
Recent years have seen the widespread use of intranets in organizations such as public offices, business offices, and schools. Such an intranet is often provided with a server for managing data shared by a plurality of users. In general, among such servers, one that manages data on a file-by-file basis is called a “file server”, and one that manages data by using an application of a database is called a “database server” in many cases.
Recent years also have seen the widespread use of image forming apparatuses having various functions such as copying, faxing, scanning, and network printing. Such image forming apparatuses are sometimes called “multifunction devices”, “Multi-Functional Peripherals (MFPs)”, or the like. Such image forming apparatuses have recently been provided with a data server function.
A plurality of image forming apparatuses is often provided in one intranet. In such a case, data may be shared by the image forming apparatuses through a communication line, and data may be also shared through a removable storage medium such as a Universal Serial Bus (USB) memory (Japanese Laid-open Patent Publication No. 2012-119824).
When access to data is allowed without any limitation, something undesirable for security may occur. In view of this, a method has been well-known in which access to data is restricted by setting an access right on a data-by-data basis.
Such a work to set access rights is burdensome to a data administrator. To cope with this, the following method has been proposed. A PC extracts a face image from digital photo images, generates a registered person list for the respective face images, also generates a human relation meta DB. The PC calculates a share candidate point for a person in the registered person list on the basis of the temporal and distance closeness of the selected photo and the other photos, relation strength in the human relation meta DB and a past photo share history for the photo selected from a photo list by a user. The PC displays, as a share candidate, information related to a person of whom the share candidate point is equal to or higher than a first value. The PC displays the person of whom the share candidate point is equal to or higher than the second value by setting the check box at ON (Japanese Laid-open Patent Publication No. 2011-155385).
It is also possible to manage data in an integrated manner by using a directory service such as Active Directory by Microsoft Corporation (Japanese Laid-open Patent Publication No. 2011-114538).
Further, a cloud computing technology has recently attained widespread use. The technology enables data to be saved in an online storage which is a virtual storage over the Internet, and also enables a plurality of users to share such data.
Data saved to a server on an intranet also can be saved to an online storage over the Internet. By virtue of this arrangement, a user can use the data at an organization facility by gaining access to the server on the intranet, and use the data in a location outside the facility by gaining access to the online storage over the Internet.
In order that a user can use same data independently of whether he/she obtains access to the server on the intranet or to the online storage over the Internet, setting access rights is burdensome. This is because a user account necessary to log into the server on the intranet is different from a user account necessary to log into the online storage over the Internet.
This drawback is not solved by the method described in Japanese Laid-open Patent Publication No. 2011-114538. The method described in Japanese Laid-open Patent Publication No. 2011-155385 probably reduces a burden of making settings of an access right for data stored in the online storage over the Internet. It is however desired that access can be restricted more simply than the method described in the publication.